Re: Massive failed FTP attempts.
- From: Robert Bauer <rbauer@xxxxxxxxxxxxxxxxx>
- Date: Thu, 06 Sep 2007 17:03:08 -0400
I use a log-monitoring perl script (similar to what many have done for ssh) which locks out offending hosts via iptables. If you're interested, I'll email it to you.
Robert
Michael Nielson wrote:
I run several small LAMP virtual servers, I've noticed a large amount of failed FTP login attempts, these all attempt to login with common FTP usernames like Administrator, or webmaster (the FTP server is proFTPd version 1.2.10). The attacker will try from one IP address maybe 30 or 40 times and then moving to a new IP address. I have several questions, first what are they trying to do? Crack my password? Or exploit a bug with proftpd? I've been more diligent about choosing a difficult to break password. More important what can I do to limit the number of attempts on my server? Thanks tons!
Michael
- Follow-Ups:
- Re: Massive failed FTP attempts.
- From: Robert Bauer
- Re: Massive failed FTP attempts.
- References:
- Massive failed FTP attempts.
- From: Michael Nielson
- Massive failed FTP attempts.
- Prev by Date: Re: Advice regarding servers and Wiping Drives after testing
- Next by Date: RE: Vulnerability scanner/appliance
- Previous by thread: RE: Massive failed FTP attempts.
- Next by thread: Re: Massive failed FTP attempts.
- Index(es):
Relevant Pages
|
Loading
